How to Implement an Effective Vulnerability Management Program
We’ve written considerably on Vulnerability Management, Vulnerability Assessments and Patching because they are so critical to preventing attacks. I’ve provided links to several of the most read blog posts we have written on the subject. In this blog post, we’ll
Is an MDR Solution or an MSSP Partnership Better for Your Organization?
In this blog post, we want to analyze the differences between a Managed Detection and Response (MDR) solution and a Managed Security Services Provider (MSSP) partnership and how organizations can differentiate between the two and choose which one or both
Nearly 50% Of Businesses Had a Cloud-Based Data Breach or Failed Audit
In the 2022 Thales Global Cloud Security Study, commissioned by Thales and conducted by 451 Research, reported that 45% of businesses it surveyed have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from
Personal Information & Data Privacy in Canada: PIPEDA 101
What is PIPEDA? In Canada, most legal obligations pertaining to cybersecurity can be found in one of the privacy laws. The principal law is the Personal Information Protection and Electronic Documents Act (PIPEDA), which became law on April 13th, 2000 and
The Perspective of a Cyber Security Leader – An Interview with Bill Boni
Who is Bill Boni? Retired former Senior Vice President Information Security at T-Mobile USA and Corporate Security Officer at Motorola Bill Boni’s Biography Bill Boni is one of the leading information risk management practitioners based in the USA, with broad experience in all
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework; one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact
Why MAZE Ransomware Attacks are So Devastating
Why MAZE Ransomware Attacks are So Devastating MAZE ransomware is quickly becoming one of the most devastating strains of Windows ransomware that have infiltrated companies and organizations around the world and demanded that a Bitcoin or Cryptocurrency payment be made in
The 5 Elements to Effectively Managing HIPAA Compliance
Managing Patient Data (PHI) Sprawl In 1996, the Health Insurance Portability and Accountability Act (HIPAA) created an electronic data interchange that health-care providers and other related organizations are required to use for electronic transactions. The HIPAA Privacy regulations require health care
Over 90% of all Cyber-Attacks Involve Phishing – Tips to Stop Phishing Attacks
Phishing Accounts for Over 90% of Cyber-Attacks – Learn How to Stop Them Among the billions of e-mails transmitted each day around the world, a significant and growing portion consists of e-mail attacks aimed at breaching an organization’s defenses to conduct
The CIS 20 Foundational – Beyond the Basics
Beyond the Basics — CIS 20 Part Two – Controls 7-16 All organizations need a roadmap for their cybersecurity defense. Piecemeal or fragmented defense strategies, in response to the latest cyberthreat, leave gaps for attacker exploitation. The Center for Internet Security